1. Field of the Invention
The present invention is directed to local area data communications networks, and in particular to active repeater units for use in star-configured carrier sense medium access collision detection (CSMA/CD) type networks having the characteristic that all traffic on the network medium can be seen by any station connected to the network. This invention is particularly directed to networks governed by the ANSI/IEEE 802.3 standards.
2. Description of Related Art
CSMA/CD networks such as 10BASET-type networks can include one or more active repeater units to which a plurality of data terminal equipment units (DTEs) are attached. Each DTE is attached to a corresponding port of the active repeater unit. The DTEs communicate with one another by sending data transmissions (referred to as "data packets") to the active repeater unit. The active repeater unit then retransmits this data packet through all of its other ports to the other DTEs attached to that active repeater unit. Each packet of data includes information identifying the DTE to which it is addressed (this information is known as the "destination address" of the data packet). When a data packet reaches a DTE, interface structure associated with the DTE determines whether the destination address of the received data packet corresponds to the address of that DTE. If a match occurs, the data contained within the data packet is conveyed onward to the DTE. If no match occurs, the data packet is disregarded.
A problem with this access method is that the filtering function of the DTE interface can be bypassed (since the DTE and its interface are located where users have access to them) so that the data contained in a data packet can be read by devices other than the DTE to which the packet is addressed. This feature can result in authorized users of the network having access to information conveyed on the network which was not intended to be transmitted to those users. Additionally, once an unauthorized device accesses the network, it can see all traffic transmitted through the network (even though none of that traffic is addressed to that unauthorized device).
Accordingly, it is desirable to prevent data addressed to one DTE from reaching other DTEs in the network. One way to do this would be to somehow transmit data packets only through an active repeater port attached to the DTE having an address corresponding to the destination address of the transmitted data packet. However, CSMA/CD network protocols require that all DTEs on the network "know" when other DTEs are using the network. One of the protocols in CSMA/CD networks requires idle DTEs (DTEs which are not transmitting data packets) to refrain from attempting to transmit data on the network when other DTEs are transmitting on the network. This is required because when more than one DTE attempts to transmit on the network, a collision occurs in the active repeater unit. This collision causes the active repeater unit to generate a jam signal that causes all transmitting DTEs to stop transmitting. The previously transmitting DTEs then attempt their transmission at a later time. Currently, DTEs in CSMA/CD-type networks determine whether other DTEs are transmitting on the network based upon sensing the transmission of data packets through the network (which, as described above, are transmitted through all ports of the active repeater unit to all DTEs on the network).
Accordingly, some type of signal must be substituted for data packets (when it is not desired to transmit the data packet to a DTE), so that all DTEs sense that the network is currently being used by another DTE.
Another requirement for any addition to a CSMA/CD-type network is that it be capable of operating with minimal data packet buffering. While some networks store entire data packets (for retransmission at a later time), the CSMA/CD protocols do not permit buffering on a data packet basis. Although some buffering (3 or 4 bits) occurs in the active repeater unit of these networks (in order to compensate for different transmission frequencies of different DTEs on the network), buffering on a packet basis is not acceptable in these networks. The maximum amount of buffering acceptable is in the range between about 4 and 14 bits. The reason for this should be apparent, since the storage of data packets would interfere with the collision-detection operations described above.
While a number of patents exist for providing some type of security function in some networks, none of these patents disclose filters for selectively transmitting data packets through repeater ports of CSMA/CD type networks such as ETHERNET-type networks.
U.S. Pat. No. 4,901,348 to Nichols et al discloses a security arrangement for securing data transmissions to and from one data device among a plurality of date devices sharing a common interface. The interface comprises a data processor for processing incoming and outgoing data transmission, a selective routing and transmission controller for generating a jamming signal, and a transmit/receive regulator associated with each device for discriminately inhibiting or enabling a data transmission to or from associated data devices. Data packets are only received by the data device having the appropriate destination address. When a data device transmits, other data devices cannot "eavesdrop". When a specific data device is receiving or transmitting a packet, all other data devices receive a "jamming" signal.
The device disclosed in U.S. Pat. No. 4,901,348 requires buffering on a data packet basis. Accordingly, it is not capable of operating transparently in the single access domain of ETHERNET-type networks.
U.S. Pat. No. 4,998,247 to Irvine-Halliday et al discloses an active star configured LAN having a selective broadcast capability such that a node may transmit a packet directly to one other node or to all nodes accessing a specific hub without any of the remaining network nodes being aware of the transmission. As discussed above, DTEs of ETHERNET-type networks must sense when other devices are accessing the network medium so that they do not attempt to access the network, and thus cause a collision to occur.
U.S. Pat. No. 4,922,486 to Lidinsky et al discloses a metropolitan area network (MAN) which provides a security feature by storing a user ID/port pairing in memory, and then comparing the pairings located in the headers of transmissions with stored pairings in order to authenticate each transmission.
U.S. Pat. No. 5,027,347 to Malkki discloses an intercom system comprising a central unit and a plurality of remote stations connected to the central unit by two-way lines into a network with a star configuration. Connection is established between two or more lines via the central unit in response to selection information received from a remote station. This patent relates to intercom systems which convey analog speech signals therethrough, not digital data packets.
Other background art of interest includes U.S. Pat. Nos.: 4,531,238 to Rawson et al, which discloses collision detection features in an active repeater-like device usable in an ETHERNET system; 4,099,024 to Boggs et al, which discloses a repeater for connecting two segments of a bidirectional communications network; 4,063,220 to Metcalfe et al, which discloses a communications network (without an active repeater) that operates using the CSMA/CD protocols; 4,459,589 to Ito; and 4,809,362 to Claus et al. For additional information relating to networks operating in accordance with the CSMA/CD access method, also see ANSI/IEEE standards 802.3, in particular, sections 4, 9 and 14.
The above standards, as well as the U.S. patents cited above are incorporated herein by reference for purposes of background.